package com.test.ml.config;

import com.test.ml.filter.LoginFilter;
import com.test.ml.filter.MyFilter;
import com.test.ml.ream.MyReam;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import  org.apache.shiro.mgt.SecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;



/**
 * @author 马亮
 * @version V1.0
 * @Description: Apache Shiro 核心通过 Filter 来实现，就好像SpringMvc 通过DispachServlet 来主控制一样。
既然是使用 Filter 一般也就能猜到，是通过URL规则来进行过滤和权限校验，所以我们需要定义一系列关于URL的规则和访问权限。
 */
@Configuration
public class ShiroConfiguration {
    /**
          * ShiroFilterFactoryBean 处理拦截资源文件问题。
          * 注意：单独一个ShiroFilterFactoryBean配置是或报错的，以为在
          * 初始化ShiroFilterFactoryBean的时候需要注入：SecurityManager
          *
             Filter Chain定义说明
            1、一个URL可以配置多个Filter，使用逗号分隔
            2、当设置多个过滤器时，全部验证通过，才视为通过
            3、部分过滤器可指定参数，如perms，roles
          *
          */
        @Bean
    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager){
        System.out.println("ShiroConfiguration.shirFilter()");
           ShiroFilterFactoryBean shiroFilterFactoryBean  = new ShiroFilterFactoryBean();

          // 必须设置 SecurityManager 
       shiroFilterFactoryBean.setSecurityManager(securityManager);
            Map<String,Filter> filterMap = new LinkedHashMap<>();
            filterMap.put("authc",loginFilter());
            filterMap.put("perms",myFilter());

            shiroFilterFactoryBean.setFilters(filterMap);
       //拦截器.
       Map<String,String> filterChainDefinitionMap = new LinkedHashMap<String,String>();
      

       //<!-- 过滤链定义，从上向下顺序执行，一般将 /**放在最为下边 -->:这是一个坑呢，一不小心代码就不好使了;
        //<!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->
            filterChainDefinitionMap.put("/","anon");
//            filterChainDefinitionMap.put("/yqs/**", "authc");


       shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
       return shiroFilterFactoryBean;
    }


    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager)
    {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }
   
           
    @Bean
    public SecurityManager securityManager(){
       DefaultWebSecurityManager securityManager =  new DefaultWebSecurityManager();
        securityManager.setRealm(myShiroRealm());
       return securityManager;
    }
    @Bean
    public MyReam myShiroRealm(){
        return new MyReam();
    }

    @Bean
    public LoginFilter loginFilter()
    {
        return new LoginFilter();
    }
    @Bean
    public MyFilter myFilter()
    {
        return new MyFilter();
    }
}